fix(desktop): validate adminRouting with type-safe parsing and logged warnings

- Add type guard (typeof parsed === 'object' && 'llm_routing' in parsed) before accessing llm_routing - Replace silent catch with log.warn for parse failures - Add 8 unit tests covering valid/invalid/null/malformed inputs
2026-03-31 16:17:29 +08:00
parent a3bdf11d9a
commit 97698f54b2
2 changed files with 71 additions and 15 deletions
--- a/desktop/src/store/connectionStore.ts
+++ b/desktop/src/store/connectionStore.ts
@@ -357,23 +357,26 @@ export const useConnectionStore = create<ConnectionStore>((set, get) => {
        try {
          const raw = localStorage.getItem('zclaw-saas-account');
          if (raw) {
-            const storedAccount = JSON.parse(raw);
-            // storedAccount is SaaSAccountInfo (saved directly by saveSaaSSession)
-            // 类型安全解析: 仅接受 'relay' | 'local' 两个合法值
-            const adminRouting = storedAccount?.llm_routing;
-            if (adminRouting === 'relay') {
-              // Force SaaS Relay mode — admin override
-              localStorage.setItem('zclaw-connection-mode', 'saas');
-              log.debug('Admin llm_routing=relay: forcing SaaS relay mode');
-            } else if (adminRouting === 'local' && isTauriRuntime()) {
-              // Force local Kernel mode — skip SaaS relay entirely
-              adminForceLocal = true;
-              localStorage.setItem('zclaw-connection-mode', 'tauri');
-              log.debug('Admin llm_routing=local: forcing local Kernel mode');
+            const parsed = JSON.parse(raw);
+            // Type-safe parsing: only accept 'relay' | 'local' as valid values
+            if (parsed && typeof parsed === 'object' && 'llm_routing' in parsed) {
+              const adminRouting = parsed.llm_routing;
+              if (adminRouting === 'relay') {
+                // Force SaaS Relay mode — admin override
+                localStorage.setItem('zclaw-connection-mode', 'saas');
+                log.debug('Admin llm_routing=relay: forcing SaaS relay mode');
+              } else if (adminRouting === 'local' && isTauriRuntime()) {
+                // Force local Kernel mode — skip SaaS relay entirely
+                adminForceLocal = true;
+                localStorage.setItem('zclaw-connection-mode', 'tauri');
+                log.debug('Admin llm_routing=local: forcing local Kernel mode');
+              }
+              // Other values (including undefined/null/invalid) are ignored, fall through to default logic
            }
-            // 其他值（含 undefined/null/非法值）忽略，走默认逻辑
          }
-        } catch { /* ignore parse errors, fall through to default logic */ }
+        } catch (e) {
+          log.warn('Failed to parse admin routing from localStorage, using default', e);
+        }

        // === Internal Kernel Mode: Admin forced local ===
        // If admin forced local mode, skip directly to Tauri Kernel section